Posted to users@cocoon.apache.org by Chris Pratt <Ch...@three.co.uk> on 2003/05/13 15:46:26 UTC

Cocoon and security


> Can some one point me at a decent site with a clear explanation for
> security / authorization of a site:
> 
> I have the following in my tomcat-users.xml:
> 
> <tomcat-users>
>   <role rolename="admin"/>
>   <role rolename="operator"/>
>   <user username="admin" password="admin" roles="admin"/>
>   <user username="operator" password="operator" roles="operator"/>
> </tomcat-users>
> 
> It is easy to tell everyone who can login to go everywhere however:
> I want to direct those that log on as admin to one place in my site, and
> operators to another; I have found the following to put in my sitemap.xml
> 
> <map:match pattern=""> 
> <map:select type="parameter"> 
> <map:parameter name="parameter-selector-test" value="{../ID}"/> 
> <map:when test="admin"> 
>  	<map:generate type="file" src="docs/cphome.xml"/>
> 	<map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
> 	<map:serialize type="html"/>
> 	<map:parameter name="use-request-parameters" value="true"/>
> </map:when> 
> <map:when test="operator"> 
>  	<map:generate type="file" src="docs/cphomeall.xml"/>
> 	<map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
> 	<map:serialize type="html"/>
> 	<map:parameter name="use-request-parameters" value="true"/>
> </map:when>
>  </map:select> 
> </map:match>
> 
> But this doesn't work either... and I am not sure where in the sitemap a
> handler goes, and no idea what value="{../ID}" is.
> Anyway, I am sure this should not be this hard; all I want to do is have a
> couple of people log in: if they are admin go here, if operators go there.
> Chris




---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org


Re: Cocoon and security

Posted by Stephan Michels <st...@apache.org>.


On Tue, 13 May 2003, Chris Pratt wrote:

>
>
> > Can some one point me at a decent site with a clear explanation for
> > security / authorization of a site:
> >
> > I have the following in my tomcat-users.xml:
> >
> > <tomcat-users>
> >   <role rolename="admin"/>
> >   <role rolename="operator"/>
> >   <user username="admin" password="admin" roles="admin"/>
> >   <user username="operator" password="operator" roles="operator"/>
> > </tomcat-users>
> >
> > It is easy to tell everyone who can login to go everywhere however:
> > I want to direct those that log on as admin to one place in my site, and
> > operators to another; I have found the following to put in my sitemap.xml
> >
> > <map:match pattern="">
> > <map:select type="parameter">
> > <map:parameter name="parameter-selector-test" value="{../ID}"/>
> > <map:when test="admin">
> >  	<map:generate type="file" src="docs/cphome.xml"/>
> > 	<map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
> > 	<map:serialize type="html"/>
> > 	<map:parameter name="use-request-parameters" value="true"/>
> > </map:when>
> > <map:when test="operator">
> >  	<map:generate type="file" src="docs/cphomeall.xml"/>
> > 	<map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
> > 	<map:serialize type="html"/>
> > 	<map:parameter name="use-request-parameters" value="true"/>
> > </map:when>
> >  </map:select>
> > </map:match>
> >
> > But this doesn't work either... and I am not sure where in the sitemap a
> > handler goes, and no idea what value="{../ID}" is.
> > Anyway, I am sure this should not be this hard; all I want to do is have a
> > couple of people log in: if they are admin go here, if operators go there.
> > Chris

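Write your own selector, which tests if the user has a
special role with request.isUserInRole.

import java.util.Map;

import org.apache.avalon.framework.parameters.Parameters;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.selection.Selector;

public class UserRoleSelector implements Selector {

    // expression is the value of the test attribute on <map:when>, i.e. the role name.
    public boolean select(String expression, Map objectModel, Parameters parameters) {
        // isUserInRole returns false when the request carries no authenticated user.
        return ObjectModelHelper.getRequest(objectModel).isUserInRole(expression);
    }
}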

Stephan.
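
An added sitemap fragment (not part of the original thread) showing how a selector like the one above could be declared and used for the admin/operator split from the question. Assumptions: the class lives in a hypothetical package org.example, docs/denied.xml is a hypothetical page, and Tomcat has already authenticated the request through a security-constraint and login-config in web.xml, since isUserInRole is false for anonymous requests.

```xml
<!-- Added example. Inside <map:components>: register the selector.
     org.example is an assumed package name for UserRoleSelector. -->
<map:selectors>
  <map:selector name="user-role" src="org.example.UserRoleSelector"/>
</map:selectors>

<!-- Inside a <map:pipeline>: pick the page by container role. -->
<map:match pattern="">
  <map:select type="user-role">
    <!-- Each test value is handed to select() as "expression",
         so it must match a rolename in tomcat-users.xml. -->
    <map:when test="admin">
      <map:generate type="file" src="docs/cphome.xml"/>
      <map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
      <map:serialize type="html"/>
    </map:when>
    <map:when test="operator">
      <map:generate type="file" src="docs/cphomeall.xml"/>
      <map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
      <map:serialize type="html"/>
    </map:when>
    <!-- Fail closed: anonymous users and users holding neither role
         get a refusal instead of falling through to a content page.
         docs/denied.xml is a hypothetical document. -->
    <map:otherwise>
      <map:generate type="file" src="docs/denied.xml"/>
      <map:transform type="xslt" src="xslt/simple-page2html.xsl"/>
      <map:serialize type="html" status-code="403"/>
    </map:otherwise>
  </map:select>
</map:match>
```

The first matching map:when wins, so a user holding both roles is served the admin page.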

